Global WordPress Brute Force Flood

As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence. This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.

via Global WordPress Brute Force Flood | HostGator Web Hosting Blog | Gator Crossing.

This WordPress blog has been receiving these attacks since around the beginning of the year. Getting rid of the admin account is a first step and using strong passwords is a second; I chose to just shut down access from the Internet entirely by disabling wp-admin directory and wp-login.php access in httpd.conf. That may not be practical for most sites, however. The error logs were getting quiet in the last 3 or 4 weeks, and then this week they’re back up to full speed, blocking IPs from ranges all over the place. It looks like I’m not the only one experiencing this, according to here and here.

Update: From my observations of the logs over these last few months, these bots are hitting the sites very patiently, sometimes once an hour, thus running under the radar of the security plugins I tried.

Update II: More links here, here, and from here:

These rules will block access for the offending IP address for 5 minutes upon 10 failed login attempts over a 3 minute duration.

This won’t work. Each IP from these bots may hit you once or twice an hour, so any limit-login plugin won’t detect them at a rate sufficient to ban them. You can’t stop this on an IP basis. Since my logs last rotated Sunday morning (almost 6 days ago) I have had 500 different IP addresses hit wp-login.php. They have all been given 403 Forbidden responses, yet they keep coming.
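As an added illustration (example code, not from the post or from any WordPress plugin), here is what that observation looks like in log-analysis terms: the same "10 failed logins in 3 minutes" rule that the quoted snippet applies per source IP, run over constructed Apache access-log lines in which 40 bot addresses each POST to wp-login.php once, 15 seconds apart. Keyed on the source IP the rule never fires; keyed on the target URL it fires at once. The log lines, IP addresses (documentation ranges) and timestamps are constructed for the example.

```python
"""Added example (not from the blog post or any WordPress plugin): the same
"10 failed logins in 3 minutes" rule applied per source IP and, for
comparison, per target path.  Log lines, IP addresses and timestamps below
are constructed for the example."""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache combined log format: ip ident user [timestamp] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """One access-log line -> dict, or None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ip": m.group("ip"),
            "ts": datetime.strptime(m.group("ts"), TS_FMT),
            "method": m.group("method"),
            "path": m.group("path"),
            "status": int(m.group("status"))}


def login_failures(lines):
    """POSTs to wp-login.php that did not end in the 302 a successful login produces
    (WordPress answers a wrong password with 200 and the form again; the post's
    own setup answers with 403)."""
    events = [r for r in map(parse_line, lines)
              if r and r["method"] == "POST"
              and r["path"].endswith("/wp-login.php") and r["status"] != 302]
    return sorted(events, key=lambda r: r["ts"])


def _window_exceeds(stamps, threshold, window):
    """True if any sliding window of length `window` holds >= threshold timestamps
    (stamps must be sorted)."""
    start = 0
    for end, t in enumerate(stamps):
        while t - stamps[start] > window:
            start += 1
        if end - start + 1 >= threshold:
            return True
    return False


def per_ip_bans(events, threshold=10, window=timedelta(minutes=3)):
    """Set of IPs a per-source rule would ban: the rule quoted in the post."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e["ts"])
    return {ip for ip, stamps in by_ip.items()
            if _window_exceeds(stamps, threshold, window)}


def site_wide_alert(events, threshold=10, window=timedelta(minutes=3)):
    """Same rule keyed on the login URL instead of the source: fires on the aggregate."""
    return _window_exceeds([e["ts"] for e in events], threshold, window)


def fmt(ip, ts, method, path, status):
    """Render one constructed combined-format log line."""
    return '%s - - [%s] "%s %s HTTP/1.1" %d 512 "-" "Mozilla/5.0"' % (
        ip, ts.strftime(TS_FMT), method, path, status)


def constructed_log():
    """Constructed sample: 40 distinct bot IPs posting once each, 15 s apart, plus
    one noisy IP that hammers the form (12 tries in 2 min) and a benign GET."""
    base = datetime(2013, 4, 12, 3, 0, 0, tzinfo=timezone.utc)
    lines = [fmt("198.51.100.%d" % (i + 1), base + timedelta(seconds=15 * i),
                 "POST", "/wp-login.php", 403) for i in range(40)]
    lines += [fmt("203.0.113.9", base + timedelta(minutes=30, seconds=10 * j),
                  "POST", "/wp-login.php", 200) for j in range(12)]
    lines.append(fmt("192.0.2.7", base, "GET", "/index.php", 200))
    return lines


if __name__ == "__main__":
    ev = login_failures(constructed_log())
    distributed = [e for e in ev if e["ip"] != "203.0.113.9"]
    print("failures seen:", len(ev))
    print("per-IP rule bans:", sorted(per_ip_bans(ev)))                        # only the noisy one
    print("per-IP rule on the distributed part:", per_ip_bans(distributed))    # set()
    print("site-wide rule on the distributed part:", site_wide_alert(distributed))  # True
```

The aggregate counter is only an alert, not a block: every source is different, so there is nothing to ban, which is exactly the point above. The practical responses remain the ones already mentioned, restricting wp-login.php and wp-admin at the web server and removing the admin account.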

Linux Friendly Video Streaming?

For quite some time I just resigned myself to the fact that I’d have to boot into windows or use some other poor method to get my netflix on… then Erich Hoover arrived with a heroic flash to his eye, chin thrust forward and proclaimed, “Do not go gentle into that sudo shutdown -r now! Rage, rage against the needlessness of these cursed reboots!”

Here is how to install the Netflix Desktop App on Ubuntu. Open a terminal and run these commands:
sudo apt-add-repository ppa:ehoover/compholio
sudo apt-get update
sudo apt-get install netflix-desktop

More info here: http://www.iheartubuntu.com/2012/11/ppa-for-netflix-desktop-app.html [iheartubuntu.com]

via Ask Slashdot: Linux Friendly Video Streaming? – Slashdot.

Honeypot Stings Attackers With Counterattacks

The PHP portion included a field for “members” to enter their “secret code” to enter the “private zone,” he explains. “So it’s a good idea to try a SQL injection attack” there, he says of the lure.

“My script had [a] few checks for some patterns, and when a SQL injection attempt was detected, the script [threw the] Java applet, ‘GUI for member zona. Welcome,'” he says. The Java applet then installed a backdoor on the attacker’s Windows machine, he says.

via Honeypot Stings Attackers With Counterattacks – Dark Reading.

In his research paper (PDF) on the experiment, Sintsov explains it this way: “Obviously, reverse penetration has a number of moral, ethical and legal issues
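Added example, not Sintsov’s script: the detection half of a lure like the one described, i.e. the check that decides whether the value typed into the “secret code” field looks like a SQL injection probe and therefore gets the lure page instead of the normal denial. The valid code, the page names and the pattern list are assumptions made for the example; what the lure page then does to the visitor is the part with the legal issues the paper raises and is not shown.

```python
"""Added example (not Sintsov's script): the detection half of a honeypot
"members only" form.  It decides whether the value typed into the "secret
code" field looks like a SQL injection probe and, if so, serves the lure page
instead of the normal denial.  The valid code, the page names and the pattern
list are assumptions made for the example."""
import re
from urllib.parse import unquote_plus

# (regex over the normalised input, human-readable label)
SQLI_PATTERNS = [
    (r"'\s*(or|and)\s+[\w']+\s*=\s*[\w']+", "quoted tautology, e.g. ' or 1=1"),
    (r"\bunion\b\s+(all\s+)?select\b", "UNION SELECT"),
    (r"(--|#|/\*)\s*$", "trailing SQL comment"),
    (r";\s*(drop|insert|update|delete|exec)\b", "stacked statement"),
    (r"\b(sleep|benchmark|pg_sleep)\s*\(", "time-based probe"),
    (r"\bwaitfor\s+delay\b", "time-based probe (T-SQL)"),
    (r"\binformation_schema\b", "schema enumeration"),
]


def normalize(value, rounds=2):
    """Undo up to `rounds` layers of URL encoding, turn /**/ (used as whitespace
    by probes) into a space, collapse whitespace and lower-case, so every
    pattern sees one canonical form."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = value.replace("/**/", " ")
    return re.sub(r"\s+", " ", value).strip().lower()


def classify(secret_code):
    """Labels of every pattern the (normalised) input matches; empty means clean."""
    text = normalize(secret_code)
    return [label for pattern, label in SQLI_PATTERNS if re.search(pattern, text)]


def handle_member_login(secret_code, valid_codes=frozenset({"9f2c-member"})):
    """Return (page to serve, detection labels).  Injection attempts get the lure;
    a real code gets the 'private zone'; anything else gets a plain denial."""
    hits = classify(secret_code)
    if hits:
        return "lure-applet.html", hits
    if secret_code in valid_codes:
        return "private-zone.html", []
    return "access-denied.html", []


if __name__ == "__main__":
    for probe in ["9f2c-member", "letmein", "' or '1'='1",
                  "%27%20OR%201%3D1%20--%20",
                  "x' UNION/**/SELECT user,pass FROM users--"]:
        print(repr(probe), "->", handle_member_login(probe))
```

Decoding twice before matching matters: a scanner that double-encodes its payload would otherwise sail past a check written against the literal quote character, and a honeypot that misses the probe never gets to spring its lure.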

Apache Mesos: Dynamic Resource Sharing for Clusters

Apache Mesos is a cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks. It can run Hadoop, MPI, Hypertable, Spark (a new framework for low-latency interactive and iterative jobs), and other applications. Mesos is open source in the Apache Incubator.

via Apache Mesos: Dynamic Resource Sharing for Clusters.

Mesos is being used to manage clusters at Twitter, AirBnb, Conviva, UC Berkeley, and UC San Francisco.

Calxeda’s ARM server tested

At first sight, the relatively low performance per core of ARM CPUs seems like a bad match for servers. The dominant CPU in the server market is without doubt Intel’s Xeon. The success of the Xeon family is largely rooted in its excellent single-threaded (or per core) performance at moderate power levels (70-95W). Combine this exceptional single-threaded performance with a decent core count and you get good performance in almost any kind of application. Economies of scale and the resulting price levels are also very important, but the server market has been more than willing to pay a little extra if the response times are lower and the energy bills moderate.

via AnandTech | Calxeda’s ARM server tested.

As usual, another thorough review from AnandTech. Below is another interesting architectural tidbit.

[Image: Calxeda SoC block diagram]

Let’s start with a familiar block on the SoC (black): the external I/O controller. The chip has a SATA 2.0 controller capable of 3Gb/s, a General Purpose Media Controller (GPMC) providing SD and eMMC access, a PCIe controller, and an Ethernet controller providing up to 10Gbit speeds. PCIe connectivity cannot be used in this system, but Calxeda can make custom designs of the “motherboard” to let customers attach PCIe cards if requested.

Re-architecting for world domination

Buytaert, who is also the founder of Drupal services firm Acquia, has ambitious goals for Drupal, as it continues to shift away from purely a content management system towards a unified Web platform that organisations can standardise on to build Web-based services, for both internal and customer-focussed sites.

via Drupal 8: Re-architecting for world domination – open source, cms, content management, drupal – Computerworld.

The Leading Open Source Data Center Automation and Configuration Management Tool

Puppet Labs’ IT automation software enables system administrators to deliver the operational agility and efficiency of cloud computing at enterprise-class service levels, scaling from handfuls of nodes on-premise to tens of thousands in the cloud. Puppet powers thousands of companies, including Twitter, Yelp, eBay, Zynga, JP Morgan Chase, Bank of America, Google, Disney, Citrix, Oracle, and Viacom.

via Puppet Labs: The Leading Open Source Data Center Automation and Configuration Management Tool | Puppet Labs.

Intel Launches Hadoop Distribution And Project Rhino, An Effort To Bring Better Security To Big Data

Intel says the distribution is optimized for the Intel Xeon processor platform. In its announcement, the company states that analyzing one terabyte of data, which previously took more than four hours to fully process, can now be done in seven minutes.

via Intel Launches Hadoop Distribution And Project Rhino, An Effort To Bring Better Security To Big Data | TechCrunch.

TIFF Files Can Attack BlackBerry Server

Hiding malicious code inside image files isn’t new: way back in ye olden days of 2004, malware hidden inside JPEG files plagued Windows machines. Some administrators are doubtlessly wondering why, after all this time, this sort of vulnerability hasn’t been decisively eliminated from the online world.

via TIFF Files Can Attack BlackBerry Server.

From: BlackBerry Vulnerability Could Allow Access to Enterprise Server

An attacker could rig a TIFF image with malware and get a user to either view the image via a specially crafted website or send it to the user via email or instant message. The last two exploit vectors could make it so the user wouldn’t have to click the link or image, or view the email or instant message, for the attack to prove successful. Once executed, an attacker could access and execute code on Blackberry’s Enterprise Server. According to the advisory, an attacker could also “extend access to other non-segmented parts of the network,” depending on privileges.
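Neither article says which part of TIFF handling the BES bug sits in, so the following is an added example (not code from either article or from BlackBerry) of the generic check a mail or IM gateway can run before an attachment ever reaches an image library: it walks the TIFF header and IFD chain with explicit bounds checks and rejects files whose offsets point outside the file, whose entry sizes run past the end of the file (including the size that would wrap to zero in 32-bit C arithmetic), or whose IFD chain loops. The sample files are constructed inside the block; the two size caps are defensive assumptions, not TIFF rules, and a clean structural pass does not prove the file is safe, only that the obvious malformations are gone.

```python
"""Added example (not from either article or from BlackBerry): a structural
sanity check for TIFF files, of the kind a gateway can run before handing an
attachment to an image library.  The 8-byte header, 12-byte IFD entries and
4-byte next-IFD pointer are the TIFF 6.0 layout; the caps are assumptions."""
import struct

MAX_IFDS = 64          # defensive cap on IFD chain length (assumption, not a TIFF rule)
MAX_ENTRIES = 4096     # defensive cap on entries per IFD (assumption)
# TIFF field type -> size of one element in bytes
TYPE_SIZES = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 6: 1, 7: 1, 8: 2, 9: 4, 10: 8, 11: 4, 12: 8}


class TiffError(ValueError):
    pass


def check_tiff(data):
    """Return the list of IFD offsets visited; raise TiffError on anything suspicious."""
    if len(data) < 8:
        raise TiffError("shorter than a TIFF header")
    order = data[:2]
    if order == b"II":
        end = "<"
    elif order == b"MM":
        end = ">"
    else:
        raise TiffError("bad byte-order mark %r" % order)
    magic, ifd_off = struct.unpack(end + "HI", data[2:8])
    if magic != 42:
        raise TiffError("bad magic %d" % magic)
    seen = []
    while ifd_off != 0:
        if ifd_off in seen:
            raise TiffError("IFD chain loops back to offset %d" % ifd_off)
        if len(seen) >= MAX_IFDS:
            raise TiffError("too many IFDs")
        if ifd_off + 2 > len(data):
            raise TiffError("IFD offset %d beyond end of file" % ifd_off)
        (count,) = struct.unpack(end + "H", data[ifd_off:ifd_off + 2])
        if count == 0 or count > MAX_ENTRIES:
            raise TiffError("implausible entry count %d" % count)
        end_of_entries = ifd_off + 2 + 12 * count
        if end_of_entries + 4 > len(data):
            raise TiffError("IFD at %d runs past end of file" % ifd_off)
        for i in range(count):
            pos = ifd_off + 2 + 12 * i
            tag, typ, n, value = struct.unpack(end + "HHII", data[pos:pos + 12])
            if typ not in TYPE_SIZES:
                raise TiffError("entry %d: unknown type %d" % (tag, typ))
            size = TYPE_SIZES[typ] * n   # Python ints never wrap; a C uint32 multiply would
            if size > 4 and value + size > len(data):   # values > 4 bytes live at `value`
                raise TiffError("entry %d: value offset %d + %d bytes beyond EOF"
                                % (tag, value, size))
        seen.append(ifd_off)
        (ifd_off,) = struct.unpack(end + "I", data[end_of_entries:end_of_entries + 4])
    return seen


def verdict(data):
    """Convenience wrapper: 'ok' or the rejection reason."""
    try:
        check_tiff(data)
        return "ok"
    except TiffError as exc:
        return "rejected: %s" % exc


def build_tiff(entries, next_ifd=0, trailing=b""):
    """Constructed little-endian TIFF: header, one IFD at offset 8, optional trailing data."""
    header = b"II" + struct.pack("<HI", 42, 8)
    ifd = struct.pack("<H", len(entries))
    for tag, typ, n, value in entries:
        ifd += struct.pack("<HHII", tag, typ, n, value)
    ifd += struct.pack("<I", next_ifd)
    return header + ifd + trailing


# Constructed samples.  VALID: 1x1 image, strip data is the single byte after the IFD.
VALID = build_tiff([(256, 3, 1, 1), (257, 3, 1, 1), (258, 3, 1, 8),
                    (273, 4, 1, 74), (279, 4, 1, 1)], trailing=b"\x00")
# OVERFLOW: RATIONAL count 0x20000000 -> 8 * count == 2**32, i.e. 0 in a 32-bit C size_t.
OVERFLOW = build_tiff([(256, 3, 1, 1), (270, 5, 0x20000000, 8)])
LOOP = build_tiff([(256, 3, 1, 1)], next_ifd=8)            # next-IFD pointer back to itself
TRUNCATED = b"II" + struct.pack("<HI", 42, 100000)         # first IFD far beyond EOF

if __name__ == "__main__":
    for name, blob in [("VALID", VALID), ("OVERFLOW", OVERFLOW),
                       ("LOOP", LOOP), ("TRUNCATED", TRUNCATED)]:
        print(name, "->", verdict(blob))
```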